The latest report from the White House's Office of Management and Budget (OMB) shows that the number of cybersecurity incidents dropped in 2019, partly due to better security programs and increased investments.
The US government is always a target for cybercriminals, including everything from rogue hackers to nation states. Whatever the cause, protection of critical infrastructure and state departments is ensured by a host of agencies that keep a close eye on security incidents.
According to the report submitted by OMB to Congress, it turns out that the total number of security incidents fell 8% in 2019, to 28,581 from 31,107 in 2018. Keep in mind that security incidents don't mean successful intrusions, but a host of infractions that could be as minor as poor password management discovered during an audit.
"The decline in incidents is correlated with the continued maturation of agencies' information security programs," states the report. "The report to Congress on the implementation of the Federal Information Security Modernization Act of 2014 (FISMA) highlights government-wide programs and initiatives as well as agencies' progress to enhance Federal cybersecurity over the past year. This decline in incidents reported in no way indicates a reduction in the cybersecurity threat posed to the Federal Government."
The Department of Homeland Security, along with the Cybersecurity and Infrastructure Security Agency, conducted 71 high-value asset assessments. This resulted in 448 findings underlying some potential security problems that look very much like those faced by the business sector.
The most significant threat is spear-phishing, followed by patch management, admin password reuse, unsecure default configurations, and weak password policies.
Broken into categories, the security incidents become much clearer. Violation of security policies by employees is the biggest issue, accounting for 12,507 security incidents. Emails and phishing follow, along with attacks executed from web-based applications, loss or theft of equipment, and others.
The report also gives a few examples of major cybersecurity problems, including one from FEMA in which the personal details of 2.5 million hurricane survivors were compromised by mistake.
There's no indication that it's a trend, but better implementation of security policies, hardware upgrades and more investments seem to have put a dent into the number of security incidents, even if it's just for one year.